﻿using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.AspNetCore.Mvc;
using PMIS.WebApi.Model;
using PMIS.Shared.Models;

namespace PMIS.WebApi.Common.Attributes
{
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
    public class AuthorizeAttribute : Attribute, IAuthorizationFilter
    {
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            var user = (User)context.HttpContext.Items["User"];

            if (user == null)
            {
                // not logged in
                context.Result = new JsonResult(new ApiResult()
                {
                    code = StatusCodes.Status401Unauthorized,
                    msg = "Unauthorized Access !!!"
                });
            }
        }
    }
}
